FortiGuard Labs Threat Landscape Report is a semiannual report that examines the cyber threat landscape, identifies key trends and offers recommendations about areas CISOs, MSSPs and security teams pay attention to in the coming months.

The findings are based on data collected through Fortinet’s global array of sensors monitored by the FortiGuard Labs team which comprises leading threat hunters, researchers, analysts, engineers and data scientists. Here’s what they learned and what you need to know -- now.

Insight #1 - Ransomware is on the Rise
Cybercriminals are upping their ransomware game—deploying more sophisticated and aggressive attacks, introducing new strains, and updating, enhancing and reusing old ones. In the first half of 2022, the FortGuard Labs team identified 10,666 new ransomware variants compared to 5,400 in 2H 2021—a nearly 100 percent increase in just six months.

Ransomware-as-a-Service (RaaS) is the main reason for this surge in ransomware. Cybercriminals are using subscription-model services and purchasing plug-and-play ransomware to achieve a quick payday in just a few clicks.

Insight #2 - Wipers are Expanding Across Borders
There is nothing worse than having your data stolen—unless it’s also wiped. The Fortinet team’s analysis of wiper malware data found that cybercriminals are using malicious software that destroys data by wiping it. In the first six months of 2022, FortiGuard Labs identified at least seven significant new wiper variants used by attackers in various targeted campaigns against government, military and private organizations. This is something MSSPs and security leaders should pay particular attention to since that number is nearly as many total wiper variants as have been publicly detected in the past 10 years.

While the use of wiping has been seen in conjunction with the war in Ukraine, the use of disk-wiping malware was also detected in 24 additional countries. In February, the US Cybersecurity and Infrastructure Security Agency (CISA) warned of the direct threat that wipers can present to daily operations and noted how the attacks in Ukraine could touch organizations in other countries. “Organizations should increase vigilance and evaluate their capabilities encompassing planning, preparation, detection and response for wiper attacks,” the CISA warned.

Insight #3 – Endpoints and OT Devices are Cybercriminals’ Preferred Targets
The pandemic forced organizations to create comprehensive work-from-anywhere (WFA) security strategies, which can be fraught with security risks. While endpoints remain one of an attacker’s top targets, vulnerabilities are also being found in operational technology (OT) products. Cybercriminals are focusing more of their attention on OT as we shift to an increasingly interconnected world. The Fortinet team examined OT vendors to determine which have the highest volume of vulnerabilities and detailed their findings in this report.

Now for some good news—you don’t have to battle cyberattacks on your own. Following are a few resources to help you.

• FortiRecon can be used to do external surface threat assessments, find and remediate security issues and help you gain contextual insights on current and imminent threats.
• The NSE Institute Training covers everything from cybersecurity basics to expert knowledge of all Fortinet solutions.
• For help with patching, information in the FortiGuard Labs Threat Landscape Report can help you prioritize the patches needed to secure your clients’ environments.